What is Windows Vault?

posted by Passcape_Admin at 09:15:43 19.10.2012

Windows Vault was first introduced to the public with the release of Windows 7, yet, amazingly, there is still no proper description of it on the net. Documentation on this interesting subject is either completely absent or, to say the least, superficial. So, what is Vault?

Windows Vault is a protected storage for secrets, passwords and other personal information of a user or the system.

Windows Vault has come to replace the outdated 'Credential Manager', which was used in the earlier versions of Windows. Vault has acquired a number of new features:

Backing up and restoring all passwords

Improved encryption system and portability to other systems

Improved programming interface

Manual creation and administration of Vault storages

On the physical level, Vault is a disk-based folder with a set of the following files:

Policy.vpol - a set of encryption keys for Vault credentials (records). These keys can be protected using one of two basic methods: either DPAPI or a specific user password. The latter protection method is not used in Windows 8 and is currently not supported by the software.

<GUID>.vsch - a Vault schema that contains the data description, flags and other system information.

<GUID>.vcrd - a Vault credential that stores the original encrypted data associated with a certain schema. The data normally consists of several fields; the description of the fields is stored in the vsch file. The AES algorithm is used to protect Vault credentials. The encryption/decryption key for the algorithm resides in the policy.vpol file, and a salt is involved to prevent instant data recovery using rainbow-table-based attacks.

There are two types of Vault storage at the moment: system Vault and user Vault. The user Vault may be found at the following locations:

Some of the folders have the system attribute set on, which makes the folders hidden in Windows Explorer.
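For triage of a mounted image or an exported profile, the file layout described above can be inventoried as follows. This is an added example, not Passcape's code; the root directory is supplied by the caller, the function names are hypothetical, and the GUID file-name pattern (8-4-4-4-12 hex digits, optional braces) is an assumption.

```python
import re
import sys
from pathlib import Path

# <GUID>.vsch / <GUID>.vcrd; 8-4-4-4-12 hex with optional braces is an assumption.
GUID_FILE = re.compile(
    r"^\{?[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?\.(vsch|vcrd)$", re.I)
KINDS = {"vsch": "schemas", "vcrd": "credentials"}


def inventory_vaults(root):
    """Group Vault files under root by the folder that holds them."""
    vaults = {}
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        name = path.name.lower()
        match = GUID_FILE.match(name)
        if name == "policy.vpol":
            kind = "policy"
        elif match:
            kind = KINDS[match.group(1)]
        elif name.endswith((".vpol", ".vsch", ".vcrd")):
            kind = "unexpected"  # Vault extension, but not a name the article describes
        else:
            continue
        entry = vaults.setdefault(str(path.parent), {
            "policy": [], "schemas": [], "credentials": [], "unexpected": []})
        entry[kind].append(path.name)
    return vaults


def triage_notes(vaults):
    """Flag folders whose file set is incomplete for the layout described above."""
    notes = []
    for folder, v in vaults.items():
        if v["credentials"] and not v["policy"]:
            notes.append((folder, "credentials without Policy.vpol (no key material here)"))
        if v["credentials"] and not v["schemas"]:
            notes.append((folder, "credentials without a schema (field layout unknown)"))
        if v["unexpected"]:
            notes.append((folder, "unexpected names: " + ", ".join(v["unexpected"])))
    return notes


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    found = inventory_vaults(root)
    for folder, v in found.items():
        print(folder, {k: len(n) for k, n in v.items()})
    for folder, note in triage_notes(found):
        print("NOTE", folder, note)
```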

So, Windows Vault is a structured storage for private data that has come to replace Credential Manager. It is another attempt by Microsoft to create the universal storage for secrets that Windows lacks so badly. We have written about this already.